0

I am using jQuery and prototype libarary fro this project.

I have this code so far:

HTML:

<div id="cnt"></div> <input type ="text" id="bla" name="tct"/>
Javascript:

if(e.keycode == 13){
    var text = document.getElementById('#bla');
    text= $('#bla').val();
    //text.evaljson();
    //I put a comment because it gives me error "badly formed json string"
    $('#cnt').append(text); 
   }

When I place some code like <script> alert('hello world');</script> it gets executed.

How can I remove it?

3
Contributors
6
Replies
19
Views
2 Years
Discussion Span
Last Post by diafol
0

your example giving me error of csrf. here is tht error
Forbidden (403)
CSRF verification failed. Request aborted.
More information is available with DEBUG=True.

0

i run his example and i putvalue in textbox and hit entere then there come that error. u can check urself

0

Take off the form tags and

$('#bla').on('change', function () {
    var text = $('#bla').val();
    $('#cnt').append(document.createTextNode(text));
});
This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.